integer overflow check
Julien Cristau
jcristau at debian.org
Mon Dec 15 14:46:49 PST 2014
On Mon, Dec 15, 2014 at 17:56:56 +0100, jes at posteo.de wrote:
> Hello,
>
> the recent xserver security patches included this patch:
> http://cgit.freedesktop.org/xorg/xserver/commit/?id=6692670fde081bbfe9313f17d84037ae9116702a
>
> I wonder why there is no integer overflow check in line 300 of
> http://cgit.freedesktop.org/xorg/xserver/tree/hw/xfree86/dri2/dri2ext.c
>
> I'm asking myself why the overflow check is made after the
> REQUEST_FIXED_SIZE call.
> I read the macro and things should not explode when an overflow will happen.
> The undefined behavior could be avoided by moving the check before the call.
>
Which undefined behaviour? Overflow of signed ints is not undefined, as
far as I know...
Cheers,
Julien
More information about the xorg-devel
mailing list